We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,258 News Articles

Hackers get their hands on TripAdvisor email list

Unauthorised third party stole member details

Members of travel review website TripAdvisor have been warned that hackers may have got their hands on their email addresses, following a security breach.

The website revealed an unauthorised third-party has "stolen" part of the website's members email address list.

The website said passwords had not been taken in most cases, and users won't be affected. However, some may receive spam messages as a result of the incident. Steve Kaufer, Co-founder and CEO of Trip Advisor, stressed that the website does not collect members' credit card or financial information, and it never sells or rents its member list.

"We've confirmed the source of the vulnerability and shut it down. We're taking this incident very seriously and are actively pursuing the matter with law enforcement," Kaufer said in an email sent to members.

"The reason we are going directly to you with this news is we think it's the right thing to do. As a TripAdvisor member, I would want to know. Unfortunately, this sort of data theft is becoming more common across many industries, and we take it extremely seriously."

According to Ross Brewer, vice-president and managing director for international markets at security firm LogRhythm, it's the regularity of these types of incident that suggest traditional approaches to IT security are no longer fit for purpose.

"This is the second time a well known website has been breached this week - just a few days ago it was Play.com with egg on its face, now it's TripAdvisor," he said.

"In addition to the traditional perimeter defences organisations typically deploy, organisations also need to adopt tools that enable them to monitor their extended IT infrastructures on a continual basis. Integrated log management and security information event management [SIEM] solutions allow companies to spot any suspicious activity as soon as it happens, acting as a vital safety net when perimeter solutions fail. "

See also:  Firms lose £1.9m per data security breach


IDG UK Sites

Microsoft Band UK release date and price rumours, features and specs: Microsoft smartwatch unveiled

IDG UK Sites

Why Sony's PS4 2.0 update is every gamer's dream (well, mine at least)

IDG UK Sites

This Grolsch ad combines stop-motion & CG for majestic results

IDG UK Sites

Apple rumours and predictions for 2015: What to expect from Apple in 2015